Fix XSS on debug page (#1264)

Author: i-n-g-m-a-r

lib/plug/debugger.ex

@@ -214,7 +214,7 @@ defmodule Plug.Debugger do
         Keyword.merge(assigns,
           conn: conn,
           message: message,
-          markdown: markdown,
+          markdown: h(markdown),
           style: style,
           banner: banner,
           actions: actions,

lib/plug/templates/debugger.html.eex

@@ -849,7 +849,7 @@
         function copyToClipboard () {
           if(navigator.clipboard) {
             // For those working on localhost or HTTPS
-            navigator.clipboard.writeText($copy.innerHTML).then(copiedClipboard).catch(() => {})
+            navigator.clipboard.writeText($copy.textContent).then(copiedClipboard).catch(() => {})
           } else {
             // For those working on HTTP
             $copy.select()